SillyTavern has a path traversal in `/api/chats/import` allows arbitrary file write outside intended chat directory

Description

A path traversal vulnerability in /api/chats/import allows an authenticated attacker to write attacker-controlled files outside the intended chats directory by injecting traversal sequences into character_name.

Recommendation

Update the sillytavern package to the latest compatible version. Followings are version details:

• Affected version(s): <= 1.16.0
• Patched version(s): 1.17.0

References

• GHSA-xvww-xhx6-22pf
• CVE-2026-34522
• CWE-22
• CWE-73
• CAPEC-310
• OWASP 2021-A1
• OWASP 2021-A4
• OWASP 2021-A6

Related Issues

• SillyTavern: Path Traversal in `/api/chats/export` and `/api/chats/delete` allows arbitrary file read/delete within user - CVE-2026-34524
• ApostropheCMS has Arbitrary File Write (Zip Slip / Path Traversal) in Import-Export Gzip Extraction - CVE-2026-32731
• Saltcorn has an Unauthenticated Path Traversal in sync endpoints, allowing arbitrary file write and directory read - CVE-2026-40163
• Budibase: Path traversal in plugin file upload enables arbitrary directory deletion and file write - CVE-2026-35214

You might also like:

Apache and Express Path Traversal plus Nginx Restriction Bypass Tests with SmartScanner

How to Secure your NodeJs Express Javascript Application - part 2

10 Secure Coding Best Practices to Follow in Every Project

Tags:

npm

sillytavern